This tutorial will teach you how to delete virus manually without using any anti-virus programs in your computer. The tutorial is just basic but effective and it's easy to learn. The following steps are just a summary of the video related to Clint's blog post.
Note: To be able to delete any of your file, make sure it was not use by other programs of processes.
Begin Step 1. Let's use Task Manager.
Since virus and other infectious files are running it's process within your computer system, you are unable to delete the virus unless you kill or end the process that using the virus or keep it running. In this section, we will have to use the task manager in your computer systems in order to kill a process.
Press Ctrl + Alt + Del in your keyboard to access your task manager. In case you can't access your task manager it's either you are already infected by virus or other related files. You can download FREE extended task manager to replace your infected task manager,
click here to download.
Now, if you already have the task manager, open it and go toprocess tab. This time, it's a little bit harder to determine which one of the process that is a virus or keep the virus running on your computer. You have to make a little research here. But here is a few tips for you to determine the virus. You have a files like this. csrss.exe, svchost.exe, smss.exe, Lsass.exe, most virus copy their names with that file names but got little bit difference in spelling. Review that files and if you found files like this: svcchost.exe, ssmss.exe, cssrss.exe, look at the spelling...that's a virus.
Another TIP. Open your command prompt. Go to Start>Run and type cmd.
A Command Prompt window will open. Now, type on the current location in your cmd this command: cd.. hit ENTER and another cd..hit ENTER.
Refer to the image below.
On your current DRIVE: type, dir /ah and hit ENTER. All directories and files with hidden attribute in your current drive will display.
Refer to the image below.
Now, look for autorun.inf file on the displayed items. If you found an autorun.inf file open it using notepad. Close now your cmd.
Here's how to open autorun.inf file using notepad.
Go to Run, type: notepad c:\autorun.inf and hit ENTER.
Note: we are currently in drive C. in case you have different drive letters, please change the C to your own drive letter.
An autorun.inf should open in notepad like this:
You have notice the OPEN command inside the autorun.inf. Now, after the open command there is a name "virusname.exe" which will be the name of the virus or worms. Go back now to your task manager and look for that name, select it and then END TASK. You have now end the virus process. You are now done with our first step.
Proceed to Step 2. Let's again use the Command Prompt.
Open command prompt from Start>Run and type cmd. Or go to All Programs>Accessories>Command Prompt.
In command prompt window. as we have done on the first step using command prompt, use again the cd.. command twice to go to our drive c. (note again: your drive maybe different with mine.)
Now, type dir /ah. Remember the name of the virus as on step 1? Then now, delete the virus using the del command. But first, remember that virus are hidden files, which means we should change it's attributes using attrib command.
Type attrib -s -h virusname.exe /s /f . Refer to the image below:
After changing the attribute, you can now freely delete the virus.
Type del "virusname.exe" /f. Refer to the image below:
Now, you should have deleted the virus. Next step is to navigate to your Windows folder and system32 folder. To navigate to windows folder. Use the command cd "windows" and then
do the same job again. First look for virus name, change the attribute and delete. After doing it, navigate to system32 then do the same job again. Next is to navigate to the other drives, example your D, E, F, or removable drives and do the same job. That's it.............
To know more on how to use the command prompt commands, just type the command name followed by /?
i.e. cd /?
Step 3. Let's restore the altered system files which cause by virus or worms. One or more of this important file are altered within your system after you get infected:
Command Prompt or cmd
Registry Editor or regedit.exe
Run command
Task Manager
Folder Options
